G
gnewsgroup
We have a requirement from our client. Basically, they wanna do an
online survey through a public-access web site (in other words,
anonymous access allowed), but do not want any user to do the survey
more than once.
We told them that this is not possible. But they insist that it is
possible and said that they did that before by getting the user
identity through:
System.Web.HttpContext.Current.User.Identity.Name
To my understanding, we can obtain user identity through this line of
code above only if some kind of authentication is required to access
the web application, for example, Integrated Windows Authentication
(IWA)
The web application may or may not prompt the user for his/her user
name and password if we turn on Integrated Windows Authentication,
depending on the security settings of the browser and domain of the
computer. Our client does not like this IWA idea and said that some
trick in Web.config would make it possible to allow anonymous access
and meanwhile to be able to retrieve user identity.
It's very clear that they want the survey to be anonymously accessible
and at the same time want the user identity of the survey
participants.
My understanding is that this requirement is intrinsically
contradictory. I am not sure what trick can make this happen. Any
idea to share? Thank you very much.
online survey through a public-access web site (in other words,
anonymous access allowed), but do not want any user to do the survey
more than once.
We told them that this is not possible. But they insist that it is
possible and said that they did that before by getting the user
identity through:
System.Web.HttpContext.Current.User.Identity.Name
To my understanding, we can obtain user identity through this line of
code above only if some kind of authentication is required to access
the web application, for example, Integrated Windows Authentication
(IWA)
The web application may or may not prompt the user for his/her user
name and password if we turn on Integrated Windows Authentication,
depending on the security settings of the browser and domain of the
computer. Our client does not like this IWA idea and said that some
trick in Web.config would make it possible to allow anonymous access
and meanwhile to be able to retrieve user identity.
It's very clear that they want the survey to be anonymously accessible
and at the same time want the user identity of the survey
participants.
My understanding is that this requirement is intrinsically
contradictory. I am not sure what trick can make this happen. Any
idea to share? Thank you very much.